From 16bb13fc100560751400bcd344600030a74f8e0a Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 1 Feb 2022 14:00:08 -0500 Subject: [PATCH] Agent: Remove ScoutSuite system info collector --- .../system_info/collectors/aws_collector.py | 10 ------ .../scoutsuite_collector.py | 35 ------------------- 2 files changed, 45 deletions(-) delete mode 100644 monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_collector.py diff --git a/monkey/infection_monkey/system_info/collectors/aws_collector.py b/monkey/infection_monkey/system_info/collectors/aws_collector.py index 074d19cc1..8cbf26976 100644 --- a/monkey/infection_monkey/system_info/collectors/aws_collector.py +++ b/monkey/infection_monkey/system_info/collectors/aws_collector.py @@ -1,12 +1,7 @@ import logging from common.cloud.aws.aws_instance import AwsInstance -from common.cloud.scoutsuite_consts import CloudProviders from common.common_consts.system_info_collectors_names import AWS_COLLECTOR -from infection_monkey.network.tools import is_running_on_island -from infection_monkey.system_info.collectors.scoutsuite_collector.scoutsuite_collector import ( - scan_cloud_security, -) from infection_monkey.system_info.system_info_collector import SystemInfoCollector logger = logging.getLogger(__name__) @@ -22,11 +17,6 @@ class AwsCollector(SystemInfoCollector): def collect(self) -> dict: logger.info("Collecting AWS info") - if is_running_on_island(): - logger.info("Attempting to scan AWS security with ScoutSuite.") - scan_cloud_security(cloud_type=CloudProviders.AWS) - else: - logger.info("Didn't scan AWS security with ScoutSuite, because not on island.") aws = AwsInstance() info = {} if aws.is_instance(): diff --git a/monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_collector.py b/monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_collector.py deleted file mode 100644 index ec8a5e488..000000000 --- a/monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_collector.py +++ /dev/null @@ -1,35 +0,0 @@ -import logging -from typing import Union - -import ScoutSuite.api_run -from ScoutSuite.providers.base.provider import BaseProvider - -from common.cloud.scoutsuite_consts import CloudProviders -from common.utils.exceptions import ScoutSuiteScanError -from infection_monkey.config import WormConfiguration -from infection_monkey.telemetry.scoutsuite_telem import ScoutSuiteTelem - -logger = logging.getLogger(__name__) - - -def scan_cloud_security(cloud_type: CloudProviders): - try: - results = run_scoutsuite(cloud_type.value) - if isinstance(results, dict) and "error" in results and results["error"]: - raise ScoutSuiteScanError(results["error"]) - send_scoutsuite_run_results(results) - except (Exception, ScoutSuiteScanError) as e: - logger.error(f"ScoutSuite didn't scan {cloud_type.value} security because: {e}") - - -def run_scoutsuite(cloud_type: str) -> Union[BaseProvider, dict]: - return ScoutSuite.api_run.run( - provider=cloud_type, - aws_access_key_id=WormConfiguration.aws_access_key_id, - aws_secret_access_key=WormConfiguration.aws_secret_access_key, - aws_session_token=WormConfiguration.aws_session_token, - ) - - -def send_scoutsuite_run_results(run_results: BaseProvider): - ScoutSuiteTelem(run_results).send()